Over 400 Connections From Bots
Mar 16, 2008Most of them are from Google and Yahoo...
Server is being heavily loaded beause of this.
I guess blocking crawlers is not the most brilliant
Most of them are from Google and Yahoo...
Server is being heavily loaded beause of this.
I guess blocking crawlers is not the most brilliant
I took the 1st one this morning and the 2nd one few hours later. It was filling up my vpss numtcpsock, which slowed down my vps dramtically. Any tips or suggestions? Is there a way to lower the number of numtcpsocks
early morning
Quote:
CLOSE_WAIT
tcp 886 0 74.208.69.213:80 124.43.222.202:2701 CLOSE_WAIT
tcp 886 0 74.208.69.213:80 124.43.222.202:2702 CLOSE_WAIT
tcp 893 0 74.208.69.213:80 124.43.222.202:2703 ESTABLISHED
tcp 0 11950 74.208.69.213:80 58.62.96.22:11072 CLOSE_WAIT
tcp 886 0 74.208.69.213:80 124.43.222.202:2696 CLOSE_WAIT
tcp 0 11950 74.208.69.213:80 58.62.96.22:11073 CLOSE_WAIT
tcp 886 0 74.208.69.213:80 124.43.222.202:2697 CLOSE_WAIT
tcp 292 0 74.208.69.213:80 74.6.72.244:47500 ESTABLISHED
tcp 894 0 74.208.69.213:80 124.43.222.202:2698 CLOSE_WAIT
tcp 892 0 74.208.69.213:80 124.43.222.202:2699 CLOSE_WAIT
tcp 853 0 74.208.69.213:80 87.52.47.152:4663 ESTABLISHED
tcp 393 0 74.208.69.213:80 58.62.96.22:11084 CLOSE_WAIT
tcp 0 0 74.208.69.213:80 85.160.18.247:1598 FIN_WAIT2
tcp 0 11950 74.208.69.213:80 58.62.96.22:11020 LAST_ACK
tcp 0 11855 74.208.69.213:80 222.170.151.73:32432 FIN_WAIT1
tcp 394 0 74.208.69.213:80 58.62.96.22:11085 CLOSE_WAIT
tcp 953 0 74.208.69.213:80 84.144.97.34:61014 ESTABLISHED
tcp 0 52 74.208.69.213:22 74.103.175.48:63101 ESTABLISHED
tcp 951 0 74.208.69.213:80 84.144.97.34:61013 ESTABLISHED
tcp 0 0 74.208.69.213:80 213.6.220.1:46493 TIME_WAIT
tcp 0 11951 74.208.69.213:80 58.62.96.22:11022 LAST_ACK
tcp 0 11978 74.208.69.213:80 124.43.222.202:2694 CLOSE_WAIT
tcp 0 11951 74.208.69.213:80 58.62.96.22:11023 LAST_ACK
tcp 0 11980 74.208.69.213:80 124.43.222.202:2695 CLOSE_WAIT
tcp 394 0 74.208.69.213:80 58.62.96.22:11080 CLOSE_WAIT
tcp 244 0 74.208.69.213:80 86.27.108.29:1643 ESTABLISHED
tcp 394 0 74.208.69.213:80 58.62.96.22:11082 CLOSE_WAIT
tcp 0 11855 74.208.69.213:80 222.170.151.73:18295 FIN_WAIT1
tcp 0 11855 74.208.69.213:80 222.170.151.73:33719 FIN_WAIT1
tcp 1179 0 74.208.69.213:80 85.160.18.247:1606 ESTABLISHED
tcp 0 11854 74.208.69.213:80 222.170.151.73:31560 ESTABLISHED
tcp 0 11950 74.208.69.213:80 58.62.96.22:10996 LAST_ACK
tcp 0 11855 74.208.69.213:80 222.170.151.73:32073 FIN_WAIT1
tcp 0 11855 74.208.69.213:80 222.170.151.73:32075
few hors later:
Quote:
tcp 0 0 74.208.69.213:80 124.43.212.78:3676 SYN_RECV
tcp 0 0 74.208.69.213:80 124.43.212.78:3696 SYN_RECV
tcp 0 0 74.208.69.213:80 124.43.212.78:3737 SYN_RECV
tcp 0 0 74.208.69.213:80 124.43.212.78:3731 SYN_RECV
tcp 0 0 74.208.69.213:80 124.43.212.78:3735 SYN_RECV
tcp 0 0 74.208.69.213:80 124.43.212.78:3723 SYN_RECV
tcp 0 0 74.208.69.213:80 217.77.17.186:1959 SYN_RECV
tcp 0 0 74.208.69.213:80 124.43.212.78:3691 SYN_RECV
tcp 0 0 74.208.69.213:80 124.43.212.78:3671 SYN_RECV
tcp 0 0 74.208.69.213:80 88.102.18.14:3628 SYN_RECV
tcp 0 0 74.208.69.213:80 124.43.212.78:3747 SYN_RECV
tcp 0 0 74.208.69.213:80 124.43.212.78:3757 SYN_RECV
tcp 0 0 74.208.69.213:80 124.43.212.78:3754 SYN_RECV
tcp 0 0 74.208.69.213:80 124.43.212.78:3761 SYN_RECV
tcp 0 0 74.208.69.213:80 201.27.210.29:2540 SYN_RECV
tcp 0 0 74.208.69.213:80 213.216.199.14:37692 SYN_RECV
tcp 0 0 74.208.69.213:80 124.43.212.78:3753 SYN_RECV
tcp 0 0 74.208.69.213:80 72.14.199.72:40365 SYN_RECV
tcp 0 0 74.208.69.213:80 88.146.161.248:19475 SYN_RECV
tcp 0 0 74.208.69.213:80 81.193.196.132:2482 SYN_RECV
tcp 0 0 74.208.69.213:80 82.229.95.240:3246 SYN_RECV
tcp 0 0 74.208.69.213:80 124.43.212.78:3743 SYN_RECV
tcp 0 0 74.208.69.213:80 124.43.212.78:3695 SYN_RECV
tcp 0 23232 74.208.69.213:80 124.43.212.78:3501 ESTABLISHED
tcp 887 0 74.208.69.213:80 124.43.212.78:3693 ESTABLISHED
tcp 897 0 74.208.69.213:80 124.43.212.78:3629 CLOSE_WAIT
tcp 0 11616 74.208.69.213:80 124.43.212.78:3500 ESTABLISHED
tcp 792 0 74.208.69.213:80 124.43.212.78:3628 CLOSE_WAIT
tcp 891 0 74.208.69.213:80 124.43.212.78:3631 CLOSE_WAIT
tcp 890 0 74.208.69.213:80 124.43.212.78:3694 ESTABLISHED
tcp 886 0 74.208.69.213:80 124.43.212.78:3630 CLOSE_WAIT
tcp 800 0 74.208.69.213:80 124.43.212.78:3625 CLOSE_WAIT
tcp 891 0 74.208.69.213:80 124.43.212.78:3624 CLOSE_WAIT
tcp 0 39204 74.208.69.213:80 124.43.212.78:3499 ESTABLISHED
tcp 895 0 74.208.69.213:80 124.43.212.78:3627 CLOSE_WAIT
tcp 0 49173 74.208.69.213:80 124.43.212.78:3562 ESTABLISHED
I would like to ask about the best system or software code used to stop bots and offline down loaders from entering website.
View 2 Replies View RelatedSimple web site:
www.oldWithoutMoney.com
Implemented WordPress a little while ago via cPanel's Fantastico widget -- vanilla implementation.
Just about every day, I get spam comments in the blog's Inbox for moderation.
Was wondering if folks had general tips on how to prevent or minimize this sort of nuisance and make the blog less bot-accessible, and/or where I might read up on ways to do so.
I just received two complaints that my server (71.6.197.244) is trying to run exploits on other people's servers.
I have tried checking my access logs, but am not sure what to look for.
Is this a process, or is it an exploit through a url or a php form?
I have attached the e-mail complaints as txt.
Is there any way to control the pesky Yahoo bots?
Bots with an IP of 74.6.*.* are endlessly crawling my forums, never seeming to be able to finish their task and using up huge amounts of bandwidth. Ideally I would like to be able to turn them away at the gate but allow others to view the site.
If I block the IP via the control panel they still visit presumably just getting error pages but still using up lots of bandwidth.
Looking trough my logs I found something that bothers me, there are bots who keep doing requests on my website with pages like /admin or /secure to find vulnerabilities.
It's making about 5-6 requests for unexisting pages every second until it comes to the end of it's dictionary (the pages are even sorted in alphabetical order,
Is there some way to let my Apache server block access to these bots when they make X attemps to see a page who does not exists in a short amount of time? A bit like iptables reject connection if someone tries to log in but fails to do so too many times.
I have a dedicated RHEL server with cPanel and my server loads spikes about +0.4 (out of 2.0) for about 30 mins every 4-6 hours or so. My regular server load is 0.01, because there is barely any traffic on the server yet, but by looking at my top processes in WHM, I can see that the processes that are spiking the Server Load when it is high, is something like:
sshd: [priv] root
sshd: [priv] root
sshd: [priv] root
sshd: [accepted]
sshd: [priv] games
sshd: [priv] news
sshd: [priv] root
sshd: [priv] root
sshd: [accepted]
...something along these lines. And a lot of times there are 10-20 of these sshd processes at one time.
My server is managed and my dedicated server engineer said it was probably a bot trying passwords. He took one of the IP's, said it was from Taiwan, and blocked that IP in iptables.
However, this is still happening constantly with different IP's. Is there a way to prevent this from happening? I'm the only person (and my host) who should be able to login to my server using SSH... however, I don't have a static IP and I work from multiple locations, so only allowing certain IP's won't work for me.
First off, is this normal? Or am I being attacked or what? What can I do to remedy this? It seems the bots haven't successfully logged in, but they are spiking my server load which is NOT what I want.
I am having a problem with blocking bots using .htaccess. I think I tried all possible syntax variants, yet all the bots that I am blocking get HTTP 200 response instead of 403 (I can verify it using access log).
I am using Apache 2.4 running on Ubuntu 14.04.2 with Plesk 12.0.18.
My AllowOverride is set to allow the use of .htaccess files, so .htaccess file gets loaded: when I make an error in .htaccess sysntax I can see the error in the error log and the webpages don't load. Besides, I have some "Deny from [IP address]" directives in the .htaccess and I see that these IPs get HTTP 403 response when access my site.
I spent hours trying different variants of .htaccess syntax (see below) and neither seems to work...
variant 0:
SetEnvIfNoCase User-Agent LivelapBot bad_bot
SetEnvIfNoCase User-Agent TurnitinBot bad_bot
Order allow,deny
Allow from all
Deny from env=bad_bot
[Code] ....
If I know the IP range that I want to block the best option is to block it with IPTABLES. This works well when you want to block entire countries. But what happens when you want to block specific IPs rather than ranges? Is iptables still more effective than "deny from [IP]" in .htaccess? I read that you don't want iptables to grow too big as it slows performance, but I guess it is still more effective than having big .htaccess..?
When it comes to blocking spam bots or referrers, robots.txt is just a suggestion for bots, when I looked at my traffic logs I noticed that most bots don't even look at robots.txt file. As far as I understand the only option here is to use .htaccess
1. I am currently using this in my .htaccess:
SetEnvIfNoCase User-Agent *ahrefsbot* bad_bot=yes
SetEnvIfNoCase Referer fbdownloader.com spammer=yes
...
SetEnvIfNoCase Referer social-buttons.com spammer=yes
Order allow,deny
Allow from all
Deny from env=spammer
Deny from env=bad_bot
2. Apparently, there is another approach as per below:
# Deny domain access to spammers
RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_USER_AGENT} queryseeker [OR]
RewriteCond %{HTTP_REFERER} ^(www.)?.*(-|.)?adult(-|.).*$ [OR]
...
RewriteCond %{HTTP_REFERER} ^(www.)?.*(-|.)?sex(-|.).*$
RewriteRule .* - [F,L]
Which approach is better #1 or #2? Any better alternative?
Finally, somebody suggested that you need to have both (as per example below). Is it true?
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^rogerbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^exabot [OR]
RewriteCond %{HTTP_USER_AGENT} ^MJ12bot [OR]
[Code] ....
Sometimes my server surcharge load average increase at 60 , and all my configuration are OK
when i type :
netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1
i have : ...
I tried to update a plugin at my blog its a wordpress blog, as soon as the update was started that site on the server stopped working, (later on i closed the upgradation window), after few minutes website start working automatically, Now in my opinion I think that update process is still running in background thats why connections are creating continuously to that website IP.
[root@server ~]# netstat -alpn | grep :80 | awk '{print $4}' | cut -d: -f1 |sort |uniq -c
1001 serverIPhere
its even touching 1500, I tried to contact my server support but unfortunately they can investigate the issue, instead they told me to check with the following command.
netstat -plan |grep :80 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c
which is not an answer to my question. Can anybody please tell me why those connections are making to that website's IP? I don't think its a Ddos attack, because it was just started when i updated the plugin.
Could someone comment on the kind of load a VPS service can handle? If I were to run an HTTP server how many connection/sec would be realistic.
View 3 Replies View RelatedHow many simulteanous connections to the site do alot of webhosting company usually allow with shared hosting packages. I was wondering because4 some companies say pay $$ a month get 300gb of bandwith a month. Can they limit the bandwith by limiting your simulteanous connections? I am asking because I just found out my host only allows 50 per hosting package that is on a shared server. To me that seems to be very little.
View 1 Replies View RelatedWARNING: One or more of your DNS servers does not accept TCP connections. Although rarely used, TCP connections are occasionally used instead of UDP connections. When firewalls block the TCP DNS connections, it can cause hard-to-diagnose problems. The problem servers are:
Error [No response to TCP packets].
APF is installed on the server, how do I allow TCP DNS connections? I already added port 53 to ingress/egress for TCP and UDP.
I run this a few times a day:
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
and get outputs like (just the bottom here, IPs removed):
8 IP #1
8 IP #2
8 . . .etc
8
9
9
9
9
9
10
10
11
12
13
14
15
18
19
25
26
32
32
91
The server runs gallery2, how many connections does an IP need just to browse the gallery? I'd like to block wget etc, but don't want to hurt search engine optimization (SEO). Is there a compromise, like limiting IPs to 5 connections, so the site still gets crawled, just slower?
DDoS deflate is installed: [url]
which permabans IPs with 150+ connections
Also what are the commands to block and unblock these IPs,
Firewall TCP Out Connections
My server started lagging up and I processed my configserver firewall logs and founds tons of TCP out connections. How can I track down which user was making these connections, if possible?
i have a vps, and im current use lighttpd, but i want move to litespeed Standard. And i see they limit Max Concurrent Connections =150 on standard version.
but what is Max Concurrent Connections? where can i find it.
and is it the number connection via port 80 (netstat -nt | grep :80 | wc -l)?
Has anyone worked with the cable companies on internet connections for hosting? Eg. Comcast, TW.
I worked with a sales rep for Comcast a few years ago on a solution for our offices. He worked out a line that would give us 3+mbits up speed for less then the price of a T1.
It also included a dedicated line to our offices. Would using a cable line be a bad idea for a hosting connection?
I signed up for a hosted account with gator and I don't understand something. They tell me it's a policy change for security reasons but the simultaneous SSH connections has been limited to 2. That's just nuts. Is there a real reason why someone would limit this? i need two for editors, one for shell and one for mysql. Minimum of 4. What security concern could cause them to pick 2 as the number?
I just don't get it.
Here's what they said to me.
info: Please wait for a HostGator operator to respond.
Channel Sanderson: Hi. We're working on our website and have run into a small snag. It seems we can only have two open SSH connections at a time this week. We were able to open more a couple weeks ago. Is this something that you can change?
Kella J.: Ok, the issue is.. You are only alllowed 2, no matter what..
Channel Sanderson: I believe we are not understanding each other. We're not trying to connect 10 times in a minute. We just need more connections. 2 is insufficient. We need a minimum of 4 simultaneous connections to our server.
Kella J.: I am sorry, I checked with my admin.. he said there is only a limit of 2, period..
Channel Sanderson: This is an unnecessary limitation in my view and badly limits my ability to do what I need to do.
Just logged in my cPanel, and Apache Server Status shows
Parent Server Generation: 7
Server uptime: 2 hours 52 minutes 5 seconds
Total accesses: 701666 - Total Traffic: 63.7 GB
CPU Usage: u1610.22 s255.4 cu0 cs0 - 18.1% CPU load
68 requests/sec - 6.3 MB/second - 95.2 kB/request
400 requests currently being processed, 0 idle workers
I told customer service and said my website (a big forum) have 4000 people now, I felt very slow, could the slowness caused by this max apache connection setting?
I got reply: "400 seems to be as high as Apache can go. Your httpd.conf settings currently show 500 max connections enabled. If Apache is stopping at 400 then this is it's hard limit for maximum connections. Also If it was able to go even higher you would eventually run into memory issues on the server that would cause the server to crash."
Can anyone tells me if "400 requests currently being processed, 0 idle workers " is a problem or could it be the cause of the slowness. I imagin if more people request connection, and apache can't deal with that much, it has to let those request wait in the queue, therefore caused slowness or time-out.
The seem server could deal with 8000 people online before, no any problem at all and speed was quite fast. I don't know what i should do now.
I've had a problem a couple of times where there is a bad ftp connection to a host. A trace reveals that there is a node timing out. What is a good way to work around this. Web based ftp client or other solution?
View 0 Replies View RelatedHow can I Limit connections per IP in IIS6?
For example 10 connection per IP is allowed in a minute.
my server always have problem about the mysql connection:
Discuz! info: Can not connect to MySQL server
Time: 2004-5-14 8:55am
Script: /index.php
Error: Too many connections
Errno.: 1040
Similar error report has beed dispatched to administrator before.
i find the solution:
add "set-variable = max_connections=1000" in my.cnf file
but didnt find the file my.cnf,my control panel is directadmin,
My PHP application is starting to reach max mysql server user connections limit (currently set to 60). I listed mysql process list in phpmyadmin and found there lot of queries with status "LOCKED" these hang there for a long time(not always just sometimes - twice a day) and then connection limit is reached. It causes load average about 40 for as long as 10 - 20 minutes
I think it may be bacause of query structure. There are some queries with many inner joins...
Here is typical situation from phpmyadmin's process list:
1. select ... from table_1
inner join table_2
inner join table_3
inner join table_4
inner join table_5
This show status : "Copying to tmp table" in phpmyadmin
2. update table_2 set ....
This shows status: Locked
3. select ... from table_2
This shows status: Locked
Seems then when temp table is being created the table_2 is locked and it cannot make update to table_2. or maybe it's locked because of just that update on table_2.
I want to avoid of creating temp tables... Can it help if I'll make separate selects without large table joins ?
My site is hosted on Dreamhost and gets over 1 million hits a day. The site is highly optimized, so it can handle the load easily without slowing the server down. Most pages have a loading time of under 0.2 seconds.
However, Dreamhost is telling me now that I'm using up too many "connections" and have limited my connections to 150 every 3 seconds (or so they say). Now 503 errors are coming up left and right, and its highly annoying to me and my users. Oh, and Dreamhost has mentioned several times that I'm oh such a very good candidate to upgrade to $400/mo dedicated hosting (from $8/mo currently).
So my question is, is this connection restriction really a valid concern of Dreamhost or are they just trying to milk me for money because my site is popular?
on setting up some sort of firewall who only allows 10 connections from the same ip to avoid spamming, abuse on the server.
How should i do this?
is a way to understand whats the bext max apache settings for me?
Maybe to look over httpd-status requests currently being processed and the number of idle servers or the number of strokes?
Or probably the best way is to use some benchmark application but then i am not sure how to test my config?
I currently have two 30/10 MB connections and I am hosting a MMO Gaming server on one of them. I have seen some topics on some forums but never really had the need to do this but now since I am getting quite a few users It would be best for me to start looking for a way to upgrade my connection. This is the fastest connection in my area. Anyways I remember hearing about a router that could combine two connections. And I was wondering could this work hosting a gaming server? I think i remember someone saying that i could setup a domain to route the server to connect to both the ips allowing twice the amout of people to connect to the server with out (connection) lag. I was wondering if this is true.
And if someone would link me to your unrecommended hardware that would be great.
I plan on installing dos_evasive as it can temporarily kill/ban an IP that makes over X amount of connections.
I ran netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n, and this is what I got:
10 218.111.214.231
10 219.95.251.185
10 222.124.226.228
10 58.187.167.20
10 61.94.234.75
10 62.168.125.217
10 82.160.42.74
10 87.116.131.18
10 89.41.71.178
11 200.193.24.226
11 218.186.9.1
11 219.93.199.121
11 220.235.171.64
11 59.128.43.234
11 60.53.77.34
11 63.109.246.234
11 83.20.72.102
11 83.237.102.75
11 84.234.144.107
11 88.226.100.145
11 88.240.137.82
12 195.229.236.216
12 203.79.252.192
12 212.90.248.182
12 220.132.87.2
12 80.130.75.239
12 82.114.184.16
12 83.26.18.242
12 85.30.223.227
12 86.108.127.28
12 87.109.49.69
12 88.247.64.131
13 200.52.193.228
13 202.155.71.40
13 222.124.172.177
13 82.116.129.110
14 195.93.21.1
14 41.251.65.79
14 80.5.154.95
14 81.10.80.75
14 82.224.40.111
14 86.17.117.193
15 196.218.42.134
15 201.19.134.99
15 212.200.185.213
15 217.171.180.249
15 218.208.196.224
15 222.124.101.183
15 80.134.70.222
15 85.160.97.238
15 88.232.120.183
16 200.188.254.9
16 200.52.193.236
16 212.118.15.140
16 81.192.124.52
16 83.14.145.170
16 85.138.71.91
16 87.207.16.154
16 89.113.75.141
17 61.196.234.202
17 82.89.37.29
17 86.135.231.183
18 80.232.249.45
18 82.114.184.206
18 88.101.26.210
19 163.121.149.170
19 194.29.137.41
19 194.44.45.13
19 195.242.99.125
19 196.202.14.244
19 196.218.117.135
19 202.158.121.223
19 81.67.245.180
19 84.255.141.132
20 200.52.193.229
20 219.83.5.20
20 88.229.128.50
20 89.245.120.136
21 196.218.143.124
21 203.130.201.196
21 63.170.84.176
21 66.249.72.173
21 72.14.207.191
21 81.192.135.224
21 82.66.227.150
21 84.29.1.151
22 155.143.244.17
22 195.207.101.112
22 202.153.240.168
22 61.94.125.143
22 85.101.146.161
23 124.106.151.75
23 88.149.99.7
24 82.77.27.129
24 88.16.34.231
25 160.39.145.94
25 202.153.240.70
25 216.125.127.12
26 196.205.97.92
26 200.104.157.183
26 202.163.117.8
26 213.180.127.198
26 60.50.95.39
26 85.71.230.49
27 194.29.137.52
27 195.189.142.249
27 201.226.162.206
27 210.6.13.208
27 81.203.41.204
27 86.90.238.96
28 193.0.240.121
28 212.76.37.150
28 89.120.133.44
29 125.162.66.116
29 74.53.121.131
30 203.222.202.121
30 213.39.219.81
30 71.109.116.122
31 222.124.143.18
31 89.34.87.91
33 193.0.240.113
33 201.9.175.242
33 212.71.37.101
33 70.68.249.239
33 81.77.85.207
34 195.229.236.215
34 86.123.142.128
35 72.49.255.217
35 85.31.137.11
36 193.231.17.50
36 202.69.97.206
36 90.156.29.82
37 77.122.158.251
37 89.40.138.184
38 121.52.52.6
38 203.218.71.132
38 82.167.71.189
39 213.17.10.87
40 196.218.145.82
40 201.22.94.226
40 206.73.210.65
40 86.9.66.1
41 152.78.243.248
42 201.220.93.84
42 210.5.121.190
43 196.204.241.250
43 196.218.89.213
44 196.218.96.82
46 84.56.103.77
48 125.212.148.112
48 41.251.69.199
49 83.203.134.84
50 213.119.151.116
50 80.133.209.50
52 81.38.15.124
53 195.245.232.26
54 88.0.63.179
57 82.201.222.144
57 83.131.27.137
57 84.226.41.129
61 129.215.149.96
64 195.113.227.31
65 198.150.36.49
65 61.102.87.80
71 84.56.109.139
73 82.216.54.222
76 196.218.136.202
76 87.118.157.79
77 89.35.90.211
78 59.127.203.49
79 81.10.35.77
81 82.148.97.68
82 213.171.62.94
84 84.36.132.189
104 213.6.215.214
108 213.51.9.184
108 41.250.0.35
110 83.41.58.76
125 84.22.2.55
132 87.209.11.249
155 196.218.142.212
165 195.242.99.84
176 200.73.225.104
190 62.135.105.86
2946 195.242.99.102
server:/#
Does that look normal to you? Because I read somewhere that you should allow no more then 30 connections per IP. But most are taking much more then that.
I'm currently using MySQL 4.1.12 for Windows 2003, and I need to know how much possible connections can MySQL achieve? I'm currently around 650. I'm having 4 new servers online, and that will bring my total concurrent connections to 1000+.
how high it can go?